Information Security Series: Data Classification Program

The webinar will cover the life cycle of a security audit from start to finish. Several areas will be discussed to include auditing of software. There will be tips on how to reduce the number of audit findings from a security and privacy perspective from the start of the SDLC (Software development life cycle). This presentation will focus on FISMA audits, but the tips can be applied to all security and privacy audits.

In this session, we look at the issues with testing and audit. This is the base causes of why we fail to secure systems and how we can more effectively create methodologies that actually find flaws. Penetration tests and audit each have major failings, but when done correctly and with the right incentives, they can help make us more secure. When done poorly, we all suffer.

Companies are eager to adopt infrastructure-as-a-service services in both public providers and private datacenters because of the business agility that IaaS enables. Full IT automation, self-service provisioning, and metered usage billing helps companies accelerate the development of their products and services, and improves organizational efficiency. Unfortunately, many companies are struggling to accelerate the most important parts of their business due to the challenges of securing these highly dynamic environments. In this talk Rand Wacker, VP of Products for CloudPassage will describe the challenges of security and compliance in a truly automated cloud and critical topics that you need to be aware of when planning to adopt cloud services in either public or private environments.

During this 60 minute webinar we will go over how the BHOLD Suite and the Analytics module can create rules and manage the authorization process. We'll discuss how rule-based testing of access data can be used if organizational policies are being followed, as well as the automated "what if" impact analysis.

In this session, we look at the issues with testing and audit. This is the base causes of why we fail to secure systems and how we can more effectively create methodologies that actually find flaws. Penetration tests and audit each have major failings, but when done correctly and with the right incentives, they can help make us more secure. When done poorly, we all suffer.

Zac Streelman, Manager, Information Technology at Leupold and Stevens was looking for a disaster recovery (DR) solution that would extend the flexibility of virtualization to his DR environment. The solution had to deliver enterprise-class support for his mission critical applications: Oracle, Microsoft SQL Server and SharePoint and various CAD programs. The board of directors was specifically asking what the current solution was and what service levels could the infrastructure deliver.
Zerto Virtual Replication installed seamlessly into their existing infrastructure, did not require any data center updates and is fully integrated into VMware vCenter.

With Zerto Virtual Replication he was able to:
- Realize very aggressive service levels – recovery point objectives of seconds and recovery time objectives of minutes
- Deliver a better ROI with a DR solution that is hardware agnostic
- Increase team productivity with a very simple solution
- Quickly cross-train additional staff on DR processes and procedures
- Optimize flexibility as changes to the environment required changes to the DR strategy
- Test and validate the DR failover process without taking primary production systems offline

Join Zac Streelman, Manager, Information Technology at Leupold and Stevens and Jennifer Gill, Director of Product Marketing at Zerto, to hear from your peers and learn about Zerto Virtual Replication.

As more applications have moved to the cloud, the industry has seen a proliferation of application security issues. In 2012, several cloud service providers were breached as a direct result of application security vulnerabilities. Before you choose a cloud service provider, make sure that it answers the series of security questions created by the Cloud Security Alliance (CSA). CSA has created a checklist of industry-accepted ways to document what security controls exist in IaaS, PaaS, and SaaS offerings – creating more transparency for enterprises. The speakers will walk attendees through this blueprint, helping them to become more adept at identifying service provider security readiness. They'll also discuss some of the most common application vulnerabilities, including unencrypted passwords, SQL Injection, and those that impact poorly architected mobile apps.

New and disruptive technology is changing how we live and work. It is no longer just the infrastructure of our organization, providing tools and information with which to run our business, it has become integral to many of our products and services. The deployment of technology is the #1 way in which CEOs look to gain advantage and market share, and the CIO must be a visionary leader of the organization.

The panel will discuss how this affects IT Governance. Is it still appropriate to focus on the enterprise governance of IT as a separate but important issue? Or, should the focus shift to governance of the enterprise as a whole and whether it is taking sufficient advantage of technology? Panelists will address the issue from the perspective of an IT Governance Evangelist, an advisor to boards and CFOs, and a leading internal auditor.

Join us as top security experts look at some of the latest security challenges and provide strategies for defense, including how to quickly implement a robust solution that provides the protection you need without impacting your network performance or reducing employee productivity. You will learn how to better protect your networks from the inside as well as the outside, with solutions that reduce work for IT and security teams.

You will learn about:
•The malware menace – latest stats and facts
•Third party industry firewall comparison results: which firewall is best for you?
•Best and easiest practices for securing end points
•How a customer implemented a solution—step-by-step
•And much more…

Join us as top security experts look at some of the latest security challenges and provide strategies for defense, including how to quickly implement a robust solution that provides the protection you need without impacting your network performance or reducing employee productivity. You will learn how to better protect your networks from the inside as well as the outside, with solutions that reduce work for IT and security teams.

You will learn about:
•The malware menace – latest stats and facts
•Third party industry firewall comparison results: which firewall is best for you?
•Best and easiest practices for securing end points
•How a customer implemented a solution—step-by-step
•And much more…